Intro
The Local Government Act 1995 (the Act) requires that all local governments establish an audit committee. An audit committee plays a key role in assisting a local government to fulfil its governance and oversight responsibilities in relation to financial reporting, internal control structure, risk management systems, legislative compliance, ethical accountability and the internal and external audit functions.
The purpose of this guideline is to assist local governments to establish and operate an effective audit committee. Clear and comprehensive terms of reference, setting out the committee's roles and responsibilities, are essential and a model terms of reference for an audit committee is provided with this guideline. Matters such as the governing legislation, membership, primary roles and responsibilities of the committee and ancillary functions are also addressed. Guidance is provided to the committee as it approaches its task of appointing an external auditor through provision of a minimum standard audit specification and as it forms an opinion of the local government's internal audit requirements.
The relevant parts of the Act and regulations that relate to audit requirements, audit committees and their functions are listed below.
In relation to financial management under Part 6 of the Act, a local government is to:
Part 7 of the Act and the Local Government (Audit) Regulations 1996 (the Regulations) address the situation of audit. In relation to the duties of the local government with respect to audits:
The Act and Regulations provide that:
The Regulations state that an audit committee:
The role of the audit committee is to support council in fulfilling its governance and oversight responsibilities in relation to financial reporting, internal control structure, risk management systems, internal and external audit functions and ethical accountability.
The audit committee should critically examine the audit and management reports provided by the external auditor. The committee would then determine if matters raised in the reports require action to be taken by the local government and ensure that appropriate action is implemented.
A further role for the audit committee would be to receive and authorise the report relating to the audit prepared by the CEO that is to be sent to the Minister.
This report would outline any actions the local government has taken or intends to take in relation to the matters identified by the auditor.
While a formal internal audit function could be considered to be an operational function and therefore the responsibility of the CEO, it is desirable for an internal auditor to have a direct line of communication to the audit committee.
The audit committee needs to form an opinion of the local government's internal audit requirements and recommend a course of action that ensures that any internal audit processes adopted are appropriate, accountable and transparent. The role of the external auditor in this regard can be established at the time of appointment.
Please note that an audit committee (or any other committee) cannot be given a management task where the Act and Regulations make the CEO specifically responsible. Where the local government is assigned the function through the legislation, the audit committee may have a role unless the function has been delegated to the CEO by the council.
The deliberations and recommendations of the committee must be independent and autonomous. Therefore, the Act prohibits the CEO being a member of the committee. However, it is essential that the CEO be given every opportunity to provide his/her expert advice to the committee as he/she does with full council and other committees.
A model terms of reference is attached as Appendix 1 to assist local governments to define an appropriate role for its audit committee. When considering the model, local governments need to remember it is a guide and they can delete or modify any matters they believe not applicable.
It is important to note that the legislation gives the audit committee a specific role in appointing the auditor. It is to recommend to the council who should be appointed as the auditor. Attached as Appendix 2 is a model 'Minimum Standard Audit Specification' that local governments can use when developing a process to be used to select and appoint a person to be the auditor.
Local governments can amend the document to suit their individual requirements. Any scope adopted must meet, as a minimum, the legislative requirements, as outlined in the Act and the Regulations.
The legislation specifies that a local government is required to meet with its auditor at least once in every year. The term 'local government' in this context means the council. If council so resolved via a formal delegation, a meeting between the audit committee and the auditor would satisfy this requirement.
It is acknowledged that the requirement to meet at least once per year may incur a significant financial burden for the more remote local governments. In such circumstances the meeting can be conducted by telephone or video conference. The council or audit committee should resolve how the meeting with the auditor will be conducted and for the record of the meeting to show that the auditor was involved and the matters discussed. It would be inappropriate for council representatives to meet with the auditor in their offices unless they were members of the audit committee or a significant majority of the members are present.
The committee may need to liaise regularly with the external auditor to discuss the audit plan, results of the audit and implementation of any recommendations for action emerging from the audit. How communication and liaison between auditor and committee is to occur should be addressed in the agreement of appointment.
Advice from the auditor may address issues such as:
The Act requires that an audit committee is to consist of a minimum of 3 members and in that situation all must be council members. Where a committee consists of more than 3 members then a majority of those members must be council members. Local governments may decide to appoint a committee involving only elected members or they may appoint one or more persons who are external to the council. If a council considers it appropriate, the whole council can be appointed to the audit committee.
If the local government wishes to appoint one or more persons other than elected members to the committee, which is recommended, it should ensure that they have the requisite knowledge and skills to provide benefit to the committee.
Irrespective of the membership of the committee, all legislative requirements relating to committee meetings such as advertising meeting dates, notice of meeting and keeping minutes of meetings need to be complied with.
The legislation prevents a meeting fee being paid to an external person but it is permissible for a payment to be made as a reimbursement of expenses, commensurate with the expertise and knowledge such people bring to the committee. The council will need to determine whether payment will be offered and the level of that reimbursement payment.
Members of the committee should be encouraged to attend appropriate courses to keep them up to date with legislation, accounting and other relevant issues.
Local governments are required by legislation to complete a statutory compliance return (Compliance Audit Return or CAR) annually and have the return adopted by council. The return is a checklist of a local government's compliance with the requirements of the Act and its Regulations, concentrating on areas of compliance considered 'high risk.'
The audit committee is to review the annual CAR and report to the council the results of that review, prior to adoption of the return by council. After adoption, the return is to be signed by the mayor or president and the CEO prior to it being forwarded to the department.
The audit committee is to consider the CEO's biennial reviews (see Regulation 17.) of the appropriateness and effectiveness of the local government's systems and procedures in regard to risk management, internal control and legislative compliance and report to the council the results of those reviews.
Attached as Appendix 3 is information to assist in determining what falls within the terms 'risk management,' 'internal control' and 'legislative compliance.'
The audit committee could also consider proposals from the CEO as to whether the compliance audit, and the biennial reviews of risk management, internal control and legislative compliance, are undertaken internally or an external party is contracted to undertake the task. In the case of an external party the audit committee would have responsibility to receive the review report from the CEO and make recommendations on it to full council.
The committee should undertake a proper selection and appointment process as part of appointing, or reappointing an auditor. If reappointment is being considered, the process should include the review of key issues as in i. to v. above.
It is important to realise that the Act specifies that it is a named person(s) that is appointed as auditor, not the company, or 'the partners' of the company which employs the person. Therefore, when the audit report is received it must be signed by the person(s) appointed as the auditor; it cannot be the generic signature identifying the firm.
The Act and Regulations prescribe the scope of the external audit of the annual financial statements of a local government.
The scope details are going to vary between local governments but as an aid a model minimum standard audit specification is attached as Appendix 2 to this guideline. Individual local governments can amend that document to suit their particular needs.
Regulations require the auditor, where appropriate, to prepare a management report to accompany the auditor's report. Although there is no legislative requirement for the auditor to prepare a management report unless he or she deems it appropriate, local government may wish to require the auditor to prepare a report on all issues identified during the audit.
The auditor, after completing the audit, is to forward a copy of his or her audit and management report to –
It is the CEO's responsibility to ensure that the external audit report is provided to the audit committee. In considering the audit and management reports presented to the audit committee, the CEO should:
Once council has addressed matters raised, or accepted the CEO's planned remedial action on matters raised in the audit and management reports, the CEO should provide feedback to the department on those matters.
Important: The following model terms of reference contains clauses that may not be applicable to each local government. Local governments will need to consider each clause and only adopt those that are applicable to the roles and responsibilities and delegated powers and functions that will apply to their audit committee.
The clauses that may be considered optional have been asterisked (*).
The primary objective of the audit committee is to accept responsibility for the annual external audit and liaise with the local government's auditor so that council can be satisfied with the performance of the local government in managing its financial affairs.
Reports from the committee will assist council in discharging its legislative responsibilities of controlling the local government's affairs, determining the local government's policies and overseeing the allocation of the local government's finances and resources. The committee will ensure openness in the local government's financial reporting and will liaise with the CEO to ensure the effective and efficient management of the local government's financial accounting systems and compliance with legislation.
The committee is to facilitate:
The audit committee is to report to council and provide appropriate advice and recommendations on matters relevant to its term of reference. This is in order to facilitate informed decision-making by council in relation to the legislative functions and duties of the local government that have not been delegated to the CEO.
The committee is a formally appointed committee of council and is responsible to that body. The committee does not have executive powers or authority to implement actions in areas over which the CEO has legislative responsibility and does not have any delegated financial responsibility. The committee does not have any management functions and cannot involve itself in management processes or procedures.
The committee will consist of *four members with three elected and *one external person. All members shall have full voting rights.
*External persons appointed to the committee will have business or financial management/reporting knowledge and experience, and be conversant with financial and other reporting requirements.
*Appointment of external persons shall be made by council by way of a public advertisement and be for a maximum term of two years. The terms of the appointment should be arranged to ensure an orderly rotation and continuity of membership despite changes to council's elected representatives.
*Reimbursement of approved expenses will be paid to each external person who is a member of the committee.
The CEO and employees are not members of the committee.
The CEO or his/her nominee is to be available to attend meetings to provide advice and guidance to the committee.
The local government shall provide secretarial and administrative support to the committee.
The committee shall meet at least *quarterly.
Additional meetings shall be convened at the discretion of the presiding person.
Reports and recommendations of each committee meeting shall be presented to the next ordinary meeting of the council.
*The committee shall report annually to the council summarising its activities during the previous financial year.
The duties and responsibilities of the committee will be:
Many local governments have recognised the need to improve their internal auditing processes, and have moved to either employ an internal auditor or contract out the internal audit function.
Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organisation's operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
The scope of an internal audit would be determined by the Audit committee, with input from the CEO, based on the size of the local government's internal operations and the level of compliance to be achieved. The role differs from that of the external auditor who is appointed by council on the recommendation of the Audit Committee, to report independently to it, through the mayor/president and the CEO, on the annual financial statements. The external auditor's primary role is to decide whether the annual financial statements of a local government are free of material misstatement.
There are certain functions of the internal audit that complement the external auditor's role. As the external auditor plans for an effective audit they need to assess and determine whether to include the scope, procedures and outcomes of the internal audit. The CEO must refer all internal audit reports to the audit committee for consideration.
An internal auditor's activities should typically include the following:
For local government, the internal auditor should report functionally to the audit committee and administratively to the CEO. It should be remembered that pursuant to section 5.41 of the Act, the CEO is responsible for the day-to-day management of council activities including the direction of staff and implicitly the internal audit function. The CEO may choose to delegate this responsibility provided always that the delegation does not directly or indirectly interfere with the ability of the Internal Auditor to conduct an internal audit function free from interference.
A clear and properly defined reporting relationship ensures that the internal auditor is empowered to perform their role working with management. The direct reporting line to the audit committee also acts as an adequate safeguard in the event of a serious breakdown in internal controls or internal control culture at senior levels in the organisation.
While it is recognised that smaller councils may not be able to justify a full-time internal auditor, a small size of operation does not justify forgoing internal audit altogether. If audit committee or management is of the view that the employment of an independent internal auditor either full-time or part-time is not warranted, it may request the council to have the internal audit function undertaken as necessary by an external contractor, or expand the role of its external auditor.
The external auditor or his or her professional company should only undertake internal audit functions that complement the external audit and do not cloud the objectivity and independence of the external audit. An external auditor must not audit information prepared by them or their accounting practice, as this is considered incompatible with the standard of independence.
Local governments that do not establish an internal audit process but require a review of the financial management systems and procedures, may decide to use the services of the external auditor for that purpose. Such reviews are to be undertaken every four years in accordance with regulation 5(2)(c) of the Local Government (Financial Management) Regulations 1996.
The review of financial management systems and procedures provides the external auditor with greater assurance of systems and procedures used to prepare the annual financial statements, and whether they provide information free of material misstatement.
Important: The following model minimum standard audit specification may be used as the basis for the calling of tenders or seeking of quotes for the appointment of an auditor. Local governments need to consider the Model to ensure that only those clauses applicable to its requirements are used. This applies, in particular, to the 'Critical matters to be audited'.
This document is provided for the assistance of auditors who wish to apply for the role of auditor with the city/town/shire.
Auditors are required to address all of the matters outlined in the specification.
Auditors who submit an application may be asked to provide further information and/or make a presentation to the audit committee.
To provide an independent audit opinion of the accounts and annual financial reports of the local government for each financial year covered by the term of the audit appointment.
For the financial years commencing 1 July ……... through to 30 June……... (not more than 5 years)
Scope of the audit
The auditor is to:
Carry out such work as is necessary to form an opinion as to whether:
Give an opinion in his or her audit report on:
Include in his or her audit report:
Other requirements of the auditor:
The auditor is required to comply with the requirements of section 7.9 of the Local Government Act 1995 and the Local Government (Audit) Regulations 1996;
The auditor is to include in his or her application the extent to which the critical matters outlined below will be audited so as to form an opinion on the manner in which they have been maintained.
(i) Revenue
(ii) Expenditure
Salary and wage costs
(iii) Current Assets
(iv) Non-Current Assets
(v) Liabilities (Current and non-current)
(vi) Reserve Funds
(vii) Contingent Liabilities
(viii) Capital Commitments
(ix) Accounting Policies and Notes to the Financial Statements
(x) Cash Flow Statement
(xi) The financial ratios required by the Local Government (Financial Management) Regulations 1996Page 16 of 20 Audit in Local Government
The auditor is to provide:
The auditor is to provide a fee for any additional audit requested by council.
Conditions to be noted by auditors:
The appointment as auditor is terminated if:
Please note: Section 7 of the department's Western Australian Local Government Accounting Manual provides a comprehensive internal control framework related to internal control and risk management.
Internal control and risk management systems and programs are a key expression of a local government's attitude to effective controls. Good audit committee practices in monitoring internal control and risk management programs typically include:
Internal control is a key component of a sound governance framework, in addition to leadership, long-term planning, compliance, resource allocation, accountability and transparency. Strategies to maintain sound internal controls are based on risk analysis of the internal operations of a local government.
An effective and transparent internal control environment is built on the following key areas:
Internal control systems involve policies and procedures that safeguard assets, ensure accurate and reliable financial reporting, promote compliance with legislation and achieve effective and efficient operations and may vary depending on the size and nature of the local government.
Aspects of an effective control framework will include:
The following are examples of controls that are typically reviewed:
The compliance programs of a local government are a strong indication of attitude towards meeting legislative requirements. Audit committee practices in regard to monitoring compliance programs typically include:
Monitoring compliance with legislation and regulations;